package com.example.springbootxss.filter;

import org.springframework.util.StringUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

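/**
 * Request wrapper that HTML-escapes request parameter values before the application reads them.
 *
 * <p>Escaping is applied in {@link #getParameter(String)} and {@link #getParameterValues(String)}.
 * Values obtained through {@code getParameterMap()}, request headers, cookies or the request body
 * (for example a JSON payload) are NOT touched by this wrapper.
 *
 * <p>NOTE(review): escaping on input is a coarse, defence-in-depth measure. It cannot know the
 * context a value is later written into (HTML body, attribute, JavaScript, URL), so
 * context-aware output encoding in the view layer is still required. Values stored after passing
 * through this wrapper are already entity-encoded, so a template that also escapes will
 * double-encode them.
 */
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
    public XssHttpServletRequestWrapper(HttpServletRequest request) {
        super(request);
    }

    /**
     * Returns the named parameter with HTML-significant characters escaped.
     *
     * @param name parameter name
     * @return the escaped value; {@code null} or the empty string is returned unchanged
     */
    @Override
    public String getParameter(String name) {
        return escapeHtml(super.getParameter(name));
    }

    /**
     * Returns all values of the named parameter, each escaped like {@link #getParameter(String)}.
     *
     * <p>Without this override, any caller that reads parameters through this method would
     * receive the raw values and bypass the filter.
     *
     * @param name parameter name
     * @return a new array of escaped values, or {@code null} if the parameter is absent
     */
    @Override
    public String[] getParameterValues(String name) {
        String[] rawValues = super.getParameterValues(name);
        if (rawValues == null) {
            return null;
        }
        // Build a fresh array so the wrapped request's own array is never mutated.
        String[] escapedValues = new String[rawValues.length];
        for (int i = 0; i < rawValues.length; i++) {
            escapedValues[i] = escapeHtml(rawValues[i]);
        }
        return escapedValues;
    }

    /**
     * Neutralises script injection by escaping the characters that are significant in HTML
     * markup and in quoted attribute values.
     */
    private static String escapeHtml(String value) {
        if (!StringUtils.hasLength(value)) {
            return value;
        }
        // '&' must be replaced first, otherwise the entities produced below would be re-escaped.
        // Quotes are escaped as well: escaping only '<' and '>' leaves a value free to break out
        // of a quoted HTML attribute. String.replace is literal; no regex is involved.
        return value
                .replace("&", "&amp;")
                .replace("<", "&lt;")
                .replace(">", "&gt;")
                .replace("\"", "&quot;")
                .replace("'", "&#39;");
    }
}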
